OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Jack J. Woehr (jwoehrattglobal.net)
Date: Tue May 01 2001 - 20:29:26 CDT

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    Hi --

    I am afraid that I am terrible at procedure with the Ports
    thing having never submitted a full port ...

    But here are three patches for /usr/ports/misc/mc in case
    anyone with access to the ports tree cares to add them. I
    posted them to the list last month but not sure anyone
    noticed them (even to tell me that I did this submit wrong).

    These patches clean up the remaining tmpnam() problems in mc
    as present in the 2.8 ports collection. There still remains
    in mc one use of tempnam() but it looks innocuous.

    I don't know if this is enough to un-mark the port BROKEN. The
    previous gone-missing maintainer seems to have anticipated a
    full security audit. 

    --
Jack J. Woehr                 # Ceterum censeo
PO Box 51, Golden, CO 80402   # in herbas belli
http://www.softwoehr.com      # ab idem desistamus.

    *** vfs/tar.c.orig Mon May 25 04:16:04 1998 --- vfs/tar.c Sat Apr 14 01:44:59 2001 *************** *** 339,355 **** --- 339,378 ---- int size, int fd, int type) { FILE *f; + #ifdef __OpenBSD__ + int tmp_fd; + #endif char *command; int i, result; int dash_number = 0; char buffer [8192]; /* Changed to 8K: better transfer size */ current_archive->is_gzipped = tar_uncompressed_local; + + #ifdef __OpenBSD__ + #define TEMPFILE "/tmp/mcXXXXXXXXXX" + current_archive->tmpname = strdup (TEMPFILE); + tmp_fd = mkstemp(current_archive->tmpname); + + if (-1 == tmp_fd) { + mc_close (fd); + free_archive (current_archive); + return -1; + } + + close(tmp_fd); + + /* Some security is sometimes neccessary :) */ + /* But mkstemp() obviates the need to "touch" the tmpname file. */ + command = copy_strings ( ///// "touch ", current_archive->tmpname, + ///// " ; chmod 0600 ", current_archive->tmpname, " ; ", + #else current_archive->tmpname = strdup (tmpnam (NULL)); /* Some security is sometimes neccessary :) */ command = copy_strings ("touch ", current_archive->tmpname, " ; chmod 0600 ", current_archive->tmpname, " ; ", + #endif decompress_command (type), "2>/dev/null >", current_archive->tmpname, NULL);

    *** vfs/extfs.c.orig Sat Apr 14 01:32:15 2001 --- vfs/extfs.c Sat Apr 14 01:43:52 2001 *************** *** 749,755 **** --- 749,761 ---- if (entry->inode->local_filename == NULL) { char *cmd, *archive_name; + #ifdef __OpenBSD__ + #define TEMPFILE "/tmp/mcXXXXXXXXXX" + entry->inode->local_filename = strdup (TEMPFILE); + close(mkstemp(entry->inode->local_filename)); + #else entry->inode->local_filename = strdup (tmpnam (NULL)); + #endif p = extfs_get_path_from_entry (entry); q = name_quote (p, 0); free (p);

    *** vfs/ftpfs.c.orig Sat Apr 14 01:47:44 2001 --- vfs/ftpfs.c Sat Apr 14 02:16:09 2001 *************** *** 1744,1754 **** --- 1744,1771 ---- int total, tmp_reget = do_reget; char buffer[8192]; int local_handle, sock, n; + #ifdef __OpenBSD__ + int tmp_fd; + #endif if (fe->local_filename) return 1; fe->local_stat.st_mtime = 0; + + #ifdef __OpenBSD__ + #define TEMPFILE "/tmp/mcXXXXXXXXXX" + fe->local_filename = strdup(TEMPFILE); + tmp_fd = mkstemp(fe->local_filename); + if (-1 == tmp_fd) { + free(fe->local_filename); + fe->local_filename = NULL; + } + else { + close(tmp_fd); + } + #else fe->local_filename = strdup(tmpnam(NULL)); + #endif fe->local_is_temp = 1; if (fe->local_filename == NULL) { ftpfserrno = ENOMEM; *************** *** 1851,1856 **** --- 1868,1876 ---- struct linklist *file_list, *lptr; struct ftpfs_dir *dcache; struct stat sb; + #ifdef __OpenBSD__ + int tmp_fd; + #endif p = strrchr(file_name, '/'); q = *p; *************** *** 1911,1917 **** --- 1931,1949 ---- ent->local_filename = 0; } if (flags & O_TRUNC) { + #ifdef __OpenBSD__ + ent->local_filename = strdup(TEMPFILE); + tmp_fd = mkstemp(ent->local_filename); + if (-1 == tmp_fd) { + free(ent->local_filename); + ent->local_filename = NULL; + } + else { + close(tmp_fd); + } + #else ent->local_filename = strdup(tmpnam(NULL)); + #endif if (ent->local_filename == NULL) { ftpfserrno = ENOMEM; return NULL; *************** *** 1964,1970 **** --- 1996,2014 ---- ent->bucket = bucket; ent->name = strdup(p); ent->remote_filename = strdup(file_name); + #ifdef __OpenBSD__ + ent->local_filename = strdup(TEMPFILE); + tmp_fd = mkstemp(ent->local_filename); + if (-1 == tmp_fd) { + free(ent->local_filename); + ent->local_filename = NULL; + } + else { + close(tmp_fd); + } + #else ent->local_filename = strdup(tmpnam(NULL)); + #endif if (!ent->name && !ent->remote_filename && !ent->local_filename) { ftpentry_destructor(ent); ftpfserrno = ENOMEM;